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DETAILED ACTION 

This action is in response to the papers filed 2/12/2009. 



Response to Arguments 

Applicant's arguments with respect to Winneg not disclosing "a multi-user 
system" have been fully considered but they are not persuasive. Winneg clearly 
discloses a multi-user system in column 4 lines 8-18 workstation of a computer lab. 

In response to applicant's argument that the references fail to show certain 
features of applicant's invention, it is noted that the features upon which applicant relies 
(i.e., creating a list of authorized applications in a database on the network) are not 
recited in the rejected claim(s). Although the claims are interpreted in light of the 
specification, limitations from the specification are not read into the claims. See In re 
Van Geuns, 988 F.2d 1181, 26 USPQ2d 1057 (Fed. Cir. 1993). A multi-user system can 
be construed as a computer that multiple user use not just a network. 



Claim Rejections - 35 USC § 101 
35 U.S.C. 101 reads as follows: 

Whoever invents or discovers any new and useful process, machine, manufacture, or composition of 
matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the 
conditions and requirements of this title. 

Claims 2 and 4 are rejected under 35 U.S.C. 101 because the claim invention is 
directed to non-statutory subject matter. With the respect to claim 2 and 4, what is 
being claimed appears to read on software alone. Software by itself is not statutory. A 
claim to a data structure, per se, or other functional descriptive material, including 
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computer programs, per se, is not patent eligible subject matter. This is exemplified in In 
re Warmerdam 31 USPQ2d 1754 where the rejection of a claim to a disembodied data 
structure was affirmed. Functional descriptive material claimed in combination with an 
appropriate computer readable medium to enable the functionality to be realized is 
patent eligible subject matter if it is capable of producing a useful, concrete and tangible 
result when used in the computer system. Compare Warmerdam to In re Lowry 32 
USPQ2d 1031 where a memory with a data structure that increased computing 
efficiency was patentable. 



Claim Rejections - 35 USC § 102 

Claims 1, 2, 4 and 9 are rejected under 35 U.S.C. 102(e) as being anticipated by 
Winneg et al (US 7,165,269). 

With respect to claim 1 , a process for controlling the application that a computer 
user my run on a multi-user system, comprising the steps of: 

Automatically using a security executable on the multi-user system (see column 
4 lines 8-18 workstation of a computer lab) in user mode to create a list of authorized 
application in a database of the multi-user system for computer user when the computer 
user logs on to the multi-user system (see column 18 lines 47-56 i.e. A list of processes 
authorized to be executed on the computer system may be maintained, for example, as 
part of the method 100. Such a list may be maintained in any of a variety of ways, for 
example, by storing the list in one or more registers, by representing the list using one 
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or more abstraction implemented using a programming language, or by storing the list in 
a file such as a text file); 

attaching a hook function in user mode to all new applications (see column 12 
lines 43-59); employing the hook function whenever a new application is started to send 
a message to the security executable in user mode (see column 12 lines 43 column 13 
line 2), said message including a process id and path of the new application (see 
"SetWindowsHookEx" reference, Dietmoday inherent in windows to 
SetWindowsHookEX function parameter dwThread ID ); receiving said message from 
the hook function at the security executable and correlating to said list to determine 
whether the new application is authorized or not (see figure 1 0 and column 1 9 lines 1 0- 
16); answering the message by the security executable when the new application is 
authorized to indicate so (see column 13 lines 3-20); stopping the new application when 
the new application is not authorized (see column 19 lines 53-57). 

With respect to claim 2, a software system for controlling the applications that a 
computer user may run on a multi-user system, comprising: 

a first program module for automatically attaching a hook function to all new 
applications in user mode when the computer user logs on to the multi-user system and 
for querying an ID of each said new application (see column 1 2 lines 43-59); 

a second program module for communicating with said first program module by 
sending a message with the application ID and the path of the application being 
examined, said second program module using a security executable on the multi-user 
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system in user mode to build a list of allowed applications in the database of the multi- 
user system (see column 18 lines 47-56), retrieving retrieve the ID of each new 
application from said first program module (see figure 10 and column 19 lines 10-16), 
terminate each new application not identified on said list of allowed applications, and 
answering a message from said first program molule when the application is identified 
on said list of allowed applications (see column 19 lines 53-57). 

With respect to claim 4, wherein said first program module is attached to said 
new processes by tying into the USER32 using the system dynamic link library (see 
column 13 lines 21-29). 

With respect to claim 9, comprising the steps of: using a security executable on 
the multi-user system in user mode to create and maintain a list of authorized 
applications in a database of the multi-user system and IDs for each computer user 
when the computer logs on to the network (see column 18 lines 47-56); attaching a 
hook function to all new applications (see column 12 lines 43-59); monitoring all new 
applications that are started with the hook function and determining an application ID 
thereof (see figure 1 0 and column 1 8 line 27 - column 1 9 line 57); receiving said 
application ID from the hook function by the security executable (see 
"SetWindowsHookEx" reference, Dietmoday inherent in windows to 
SetWindowsHookEX function parameter dwThread ID ); determining whether the 
application ID of each started application is on said list (see column 13 lines 3-20); 
allowing said application to continue when its application ID is on the list (see column 13 
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lines 3-20); terminating said application when its application ID is not on the list (see 
column 19 lines 53-57). 

Conclusion 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Devin Almeida whose telephone number is 571-270- 
1018. The examiner can normally be reached on Monday-Thursday from 7:30 A.M. to 
6:00 P.M. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Gilberto Barron, can be reached on 571-272-3799. The fax phone number 
for the organization where this application or proceeding is assigned is 571-273-8300. 

Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. 

/Devin Almeida/ 
Examiner, Art Unit 2432 
10/01/2008 



/Benjamin E Lanier/ 

Primary Examiner, Art Unit 2432 



